From 7efef9dd433d5ce2377573b529f4cd501b125ab7 Mon Sep 17 00:00:00 2001 From: Phil Davis Date: Wed, 25 Jan 2017 12:19:23 +0545 Subject: Captive Portal auth method is required When creating a new Captive Portal Zone the user can fail to select any of the Authorization Method radio buttons. No default radio button is selected - that is probably good, as the user has to think and click to decide which authorization method they will use. But the form validation should check that some valid value is POSTed when the CP is enabled. (cherry picked from commit 0ee22f364ca62b8305ff36447954dacdbc3c3cce) --- src/usr/local/www/services_captiveportal.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'src/usr') diff --git a/src/usr/local/www/services_captiveportal.php b/src/usr/local/www/services_captiveportal.php index 3aaff78..27747d9 100644 --- a/src/usr/local/www/services_captiveportal.php +++ b/src/usr/local/www/services_captiveportal.php @@ -243,8 +243,8 @@ if ($_POST) { /* input validation */ if ($_POST['enable']) { - $reqdfields = explode(" ", "zone cinterface"); - $reqdfieldsn = array(gettext("Zone name"), gettext("Interface")); + $reqdfields = explode(" ", "zone cinterface auth_method"); + $reqdfieldsn = array(gettext("Zone name"), gettext("Interface"), gettext("Authentication method")); if (isset($_POST['auth_method']) && $_POST['auth_method'] == "radius") { $reqdfields[] = "radius_protocol"; @@ -271,6 +271,10 @@ if ($_POST) { } } + if ($_POST['auth_method'] && !in_array($_POST['auth_method'], array('none', 'local', 'radius'))) { + $input_errors[] = sprintf(gettext("Authentication method %s is invalid."), $_POST['auth_method']); + } + if ($_POST['httpslogin_enable']) { if (!$_POST['certref']) { $input_errors[] = gettext("Certificate must be specified for HTTPS login."); -- cgit v1.1